Lucene search

[email protected]CVE-2002-2172

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2172

2022-10-0316:23:50

[email protected]

web.nvd.nist.gov

cve-2002-2172

informed

designer

filler 3.05

encrypted file

sensitive information

nvd

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information.

Affected configurations

NVD

Node

shanainformed_designerMatch3.5

shanainformed_fillerMatch3.5

CPENameOperatorVersion
shana:informed_designershana informed designereq3.5
shana:informed_fillershana informed fillereq3.5

CPE	Name	Operator	Version
shana:informed_designer	shana informed designer	eq	3.5
shana:informed_filler	shana informed filler	eq	3.5

References

online.securityfocus.com/archive/1/293052

www.cirt.net/advisories/shana.shtml

www.iss.net/security_center/static/10192.php

www.securityfocus.com/bid/5795

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2002-2172

cvelist1 nvd1